#!/bin/bash
#屏蔽每分钟访问超过200的ip
date=$(date +%d/%b/%Y:%H:%MM)
ip = $(tail -n 5000 lastb|grep $date | awk '{a[$3]++}END{for(i in a)if(a[i]>10)print i}')
for IP in $ip
do
	if [ $(iptables -vnL |grep -c "$IP") -eq 0 ];then
	iptables -a INPUT -s $ip -j DROP
	fi
done
